Privacy Policy

The commercial company BHT, UNIPESSOAL LDA., with registered office at Rua de Carvalha, nº 570, 2400 - 441 Leiria, registered at the Commercial Registry Office of Leiria, under the single registration number and legal person 515724637, with a share capital of €5,000.00 (hereinafter "BHT" or "Data Controller") is responsible for the processing of personal data collected through the website www.bhout.com ("Website"), through the BHOUT mobile application ("App"), or in the context of other interactions with its customers.

BHT IS COMMITTED TO PROTECTING THE PRIVACY AND PERSONAL DATA OF ITS CUSTOMERS AND WEBSITE/APP USERS AND HAS THEREFORE DEVELOPED AND ADOPTED THIS POLICY AND THE PRACTICES DESCRIBED HEREIN. THIS PRIVACY POLICY EXPLAINS HOW YOUR PERSONAL DATA IS COLLECTED AND PROCESSED, SO WE RECOMMEND THAT YOU READ IT CAREFULLY TO FIND OUT ABOUT THE CONDITIONS UNDER WHICH YOUR PERSONAL DATA IS COLLECTED AND USED.

1. WHAT DOES THIS POLICY CONSIST OF?

1.1. This Privacy Policy transparently explains how we collect and process the personal data of the users of the WEBSITE/APP and our customers, in accordance with the General Data Protection Regulation (GDPR) and other applicable legislation.

1.2. The terms used in this Policy have the meanings given to them in the GDPR, unless expressly stated otherwise.

2. WHAT IS PERSONAL DATA?

2.1. Personal data is any information relating to an identified or identifiable natural person ("data subject"), regardless of the nature and medium of such information, including sound and image.

2.2. Examples of personal data we collect include: full name, telephone number, email address, address, date of birth or tax identification number.

2.3. An identifiable person means a natural person who can be identified, directly or indirectly, in particular by reference to an identifier (name, identification number, location data, electronic identifiers) or to one or more elements specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

2.4. Your personal data will be treated with respect for the fundamental principles of data protection: lawfulness, fairness and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; and accountability.

3. FOR WHAT PURPOSES DO WE USE YOUR PERSONAL DATA?

3.1. We process your personal data for the following purposes:

a) Management of the contractual relationship: Processing of purchases, training reservations and provision of contracted services;

b) Communication and customer support: Responding to questions, requests for information and providing support;

c) Communication with insurance companies: Contact with insurance companies in the event of an accident during sports practice;

d) Human resources management: Analysis and monitoring of applications for collaboration with BHT;

e) Direct marketing: Sending newsletters and commercial communications about BHT products, services and events, with your prior consent (if required by law);

f) Management and improvement of the WEBSITE/APP: Technical operations, usage analysis and optimization of the user experience;

g) Administrative management: Maintenance of contact records and interaction history;

h) Business analysis: Statistical analysis of aggregated data, internal audits and market studies;

i) Security and fraud prevention: Protection against fraudulent activities and ensuring the security of systems;

j) Development of products and services: Identification of trends, evaluation of the effectiveness of campaigns and development of new services;

k) Compliance with legal obligations: Compliance with tax, accounting and regulatory obligations;

l) Management of the franchise network: Sharing of necessary data with franchised clubs for local provision of services.

3.2. Your personal data will not be used for purposes incompatible with those for which it was collected, unless we have obtained your prior consent or if this is permitted by law.

4. WHAT ARE THE LEGAL GROUNDS FOR THE PROCESSING OF PERSONAL DATA?

4.1. BHT's processing of your personal data is based on the following legal grounds as provided for in Article 6 of the GDPR:

Purpose | Basis of Lawfulness
Communication and customer support | Performance of contract / Legitimate interest
Communication with insurance companies | Legitimate interest
Human Resource Management | Pre-contractual steps / Consent
Direct marketing | Consent / Legitimate interest
Management and improvement of the WEBSITE/APP | Legitimate interest / Consent (cookies)
Administrative management | Legitimate interest
Business analysis | Legitimate interest
Security and fraud prevention | Legitimate interest
Product and service development | Legitimate interest / Consent (cookies)
Compliance with legal obligations | Legal obligation
Franchising network management | Legitimate interest / Contract performance

4.2. When the processing is based on consent, you have the right to withdraw it at any time, without compromising the lawfulness of the processing carried out on the basis of the consent previously given.

4.3. When we invoke legitimate interest, we carry out a balancing assessment to ensure that our interests do not prevail over your fundamental rights and freedoms.

5. WHAT CATEGORIES OF PERSONAL DATA DO WE COLLECT?

5.1. The categories of personal data we collect include:

Category | Specific Data
Identification data | Full name, date of birth, gender, photograph
Contact details | Email address, phone number, address
Billing data | Tax identification number, payment details, purchase history
Usage data | Training history, preferences, feedback
Technical data | IP address, browser type, operating system
Professional data | CV, professional experience (for applications)
Health data | Medical information relevant to sports practice (with explicit consent)

5.2. We apply the principle of data minimization, collecting only the data strictly necessary for each specific purpose.

6. HOW DO WE COLLECT YOUR PERSONAL DATA?

6.1. We collect your personal data through:

a) Online forms: Account registration, subscriptions, purchases;

b) Use of the Website and Mobile Application: Data provided and generated during use;

c) Direct communications: Emails, telephone calls, messages;

d) Cookies and similar technologies: Browsing data and preferences;

e) BHOUT clubs: Data collected locally by the clubs in the network;

f) Public sources: When legally permitted;

g) Social media: When you interact with us through these platforms.

6.2. We undertake to process your data lawfully, fairly and transparently, always respecting the principles of data protection.

6.3. The personal data of minors under 16 years of age will only be processed with the consent of the holders of parental responsibilities.

7. WHAT ARE COOKIES?

7.1. Cookies are small text files stored on your device that allow us to recognize your browser and improve your browsing experience.

7.2. We use the following types of cookies:

• Essential cookies: Necessary for the operation of the website;

• Performance cookies: For statistical analysis of usage;

• Functionality cookies: To save your preferences;

• Marketing cookies: For personalization of advertising content.

7.3. With the exception of essential cookies, all other cookies depend on your prior consent, which can be withdrawn at any time through your browser settings.

7.4. For detailed information, please refer to our Cookie Policy.

8. WHAT ARE PIXEL TAGS AND OTHER SIMILAR TECHNOLOGIES?

8.1. Pixel tags (also known as web beacons) are small, transparent images that allow us to:

• Monitor the effectiveness of email marketing campaigns;

• Compile statistics on the use of the services;

• Improve the user experience.

8.2. The use of these technologies is subject to the same principles as those applicable to cookies.

9. HOW DO WE PROTECT YOUR PERSONAL DATA?

9.1. We have implemented appropriate technical and organisational measures to protect your personal data, including:

a) Technical measures:

• Data encryption in transit (TLS/SSL);

• Secure password storage (one-way hashing);

• Firewalls and intrusion detection systems;

• Regular backups and recovery plans;

• Regular security updates.

b) Organizational measures:

• Role-based access control;

• Regular training of employees;

• Confidentiality agreements;

• Internal security policies;

• Periodic security audits.

9.2. Our service providers are carefully selected and contractually obligated to implement appropriate security measures.

9.3. Despite the measures implemented, no system is completely inviolable. In the event of a personal data breach, we will comply with the notification obligations set out in the GDPR.

9.4. We recommend that you:

• Keep your access credentials confidential;

• Use strong and unique passwords;

• Always log out after use;

• Notify us immediately of any unauthorized use.

10. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

10.1. Your personal data will be kept only for the period necessary to fulfill the purposes for which it was collected.

10.2. At the end of the storage period, the data will be securely deleted or irreversibly anonymized.

10.3. The deadlines indicated may be extended when necessary for the exercise or defense of rights in judicial proceedings.

11. WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?

11.1. As a data subject, you have the following rights:

a) Right of access (Art. 15 GDPR): Obtain confirmation about the processing and access to your personal data;

b) Right to rectification (Art. 16 GDPR): Request the correction of inaccurate or incomplete data;

c) Right to erasure ("right to be forgotten") (Art. 17 GDPR): Request the deletion of your data in certain circumstances;

d) Right to restriction of processing (Art. 18 GDPR): Request the suspension of processing in specific situations;

e) Right to object (Art. 21 GDPR): Object to the processing of your data, including for direct marketing purposes;

f) Right to portability (Art. 20 GDPR): Receive your data in a structured format and transmit it to another controller;

g) Right not to be subject to automated decisions (Art. 22 GDPR): Not to be subject to decisions made solely on the basis of automated processing;

h) Right to withdraw consent: Where processing is based on consent, you can withdraw consent at any time.

11.2. To exercise your rights, please contact us by email using the address privacy@bhout.com.

11.3. If you believe that BHT has processed your data in violation of any applicable legal provision, you have the right to lodge a complaint with the supervisory authority:

National Data Protection Commission (CNPD)

• Website: www.cnpd.pt

• Email: geral@cnpd.pt

• Phone: 213 928 400

12. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?

12.1. We may communicate your personal data in the following situations:

a) Subcontractors: Service providers acting on our behalf (payment processing, data hosting, marketing, accounting, legal services) - For example, BHT currently uses the services of the company ZAPPY Ltd trading (GLOFOX), with registered office at Unit 7A, Sandyford Business Centre, Sandyford, Dublin 16, for customer management purposes - more information on how GLOFOX protects your data here: https://www.glofox.com/privacy-policy/;

b) Commercial partners: Entities with whom we have partnership agreements, always with their prior consent;

c) Public authorities: When legally obliged (tax, judicial, regulatory authorities);

d) Insurance companies: In the event of an accident or claim;

e) Successors: In the event of a merger, acquisition or sale of assets;

f) Franchised clubs: As detailed in the following section.

12.2. We ensure that all recipients of the data:

• Are contractually bound by confidentiality obligations;

• May only process the data in accordance with our instructions;

• Implement appropriate security measures.

13. COMMUNICATION OF DATA TO FRANCHISE CLUBS

13.1. As a franchisor, BHT may communicate certain personal data to the franchised clubs of the BHOUT network for the following purposes:

a) Local provision of services: Data necessary for the performance of training and activities in the chosen club;

b) Reservation management: Information on reservations and subscriptions for coordination between clubs;

c) Continuity of service: Allow the use of services in different clubs of the network;

d) Quality control: Aggregated data for monitoring the quality of the service;

e) Centralised billing: When applicable, for financial management of the network.

13.2. Responsibilities in the processing:

• BHT and the franchised clubs may act as joint or independent controllers, depending on the specific operation;

• There is a written agreement that defines the responsibilities of each party;

• Each franchisee club is responsible for the security of the data in its establishment.

13.3. Data shared with franchisees:

• Identification data (name, contacts);

• History of training and reservations;

• Type of subscription;

• Safety-relevant information during training.

13.4. Warranties:

• Franchisees are contractually bound to comply with the GDPR;

• They implement security measures equivalent to those of BHT;

• They may only use the data for the authorized purposes;

• They must delete the data when they cease to be franchisees.

14. THIRD-PARTY WEBSITES

14.1. The WEBSITE/APP may contain links to third-party websites. We are not responsible for the privacy practices of these websites.

14.2. We recommend that you consult the privacy policies of each website you visit.

14.3. The presence of links does not imply endorsement or validation of the content of these websites.

15. DATA TRANSFERS TO THIRD COUNTRIES

15.1. Your personal data may be transferred to countries outside the European Economic Area (EEA) only where:

(a) the European Commission has adopted an adequacy decision in respect of the recipient country;

(b) appropriate safeguards have been put in place, such as:

• Standard contractual clauses approved by the European Commission;

• Binding Corporate Rules (BCRs);

• Approved certifications or codes of conduct.

(c) one of the derogations provided for in Article 49 of the GDPR applies.

15.2. You can request information about the transfers and obtain a copy of the guarantees implemented by contacting us via email privacy@bhout.com.

16. PROCESSING DATA OF MINORS

16.1. Our services are not intended for children under the age of 16.

16.2. If we become aware that we have collected data from children under the age of 16, we will delete it immediately.

17. SPECIAL CATEGORIES OF DATA

17.1. Special categories of data (sensitive data) include data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, sex life or sexual orientation.

17.2. As a rule, we do not collect data from special categories. Exceptions:

• Health data: Only when strictly necessary for safe sports practice and with your explicit consent;

• Biometric data: If we implement biometric access systems, with explicit consent.

17.3. This data benefits from enhanced protection and is treated with additional security measures.

18. CHANGES TO THE PRIVACY POLICY

18.1. We reserve the right to change this Privacy Policy at any time.

18.2. Changes will be published on the WEBSITE/APP, or by email (for substantial changes).

18.3. Continued use of the services after changes constitutes acceptance of the new policy.

18.4. We maintain an archive of previous versions of this policy.

19. OUR CONTACT DETAILS

19.1. For questions related to this Privacy Policy or the processing of your personal data please contact us:

BHT, Unipessoal Lda.

• Email: privacy@bhout.com

• Address: Rua de Carvalha, nº 570, 2400-441 Leiria

19.2. We undertake to respond to your requests as soon as possible.

20. LAST UPDATED DATE

May 2025